Adding memory leak detections for the json fuzzer. #6012

Merged
merged 11 commits into from Apr 1, 2016

Fixing json memory leak.

commit 82a91c91d01ce9b999c8821ed13515883468e203 @nicolasnoble nicolasnoble committed Mar 30, 2016
@@ -180,6 +180,13 @@ grpc_json_reader_status grpc_json_reader_run(grpc_json_reader *reader) {
case GRPC_JSON_STATE_VALUE_NUMBER_WITH_DECIMAL:
case GRPC_JSON_STATE_VALUE_NUMBER_ZERO:
case GRPC_JSON_STATE_VALUE_NUMBER_EPM:
+ if (reader->depth == 0) {
+ return GRPC_JSON_PARSE_ERROR;
+ } else if ((c == '}') && !reader->in_object) {
+ return GRPC_JSON_PARSE_ERROR;
+ } else if ((c == ']') && !reader->in_array) {
+ return GRPC_JSON_PARSE_ERROR;
+ }
success = (uint32_t)json_reader_set_number(reader);
if (!success) return GRPC_JSON_PARSE_ERROR;
json_reader_string_clear(reader);
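Review bot: The new guard ahead of `json_reader_set_number(reader)` carries no comment saying why it has to run first, and its three branches all return the same error. Going by the commit title, the order presumably matters because rejecting the input after the number has been stored is what leaked, so a later reorder would quietly bring the leak back; a comment such as `/* Reject a top-level or mismatched terminator before storing the number, so the error path has nothing to free. */` would pin that down. The chain can also be written as one condition, `if (reader->depth == 0 || (c == '}' && !reader->in_object) || (c == ']' && !reader->in_array)) return GRPC_JSON_PARSE_ERROR;`, which drops the `else` after `return`. The enclosing switch and the rest of grpc_json_reader_run lie outside the hunk, so whether other states reached by the same characters need an equivalent check cannot be judged from here.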
@@ -67,11 +67,8 @@ void guard_free(void *vptr) {
g_old_allocs.free_fn(ptr);
}
-struct gpr_allocation_functions g_guard_allocs = {
- guard_malloc,
- guard_realloc,
- guard_free
-};
+struct gpr_allocation_functions g_guard_allocs = {guard_malloc, guard_realloc,
+ guard_free};
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
char *s;
@@ -89,7 +89,7 @@ static testing_pair testing_pairs[] = {
{"{\"foo\": bar}", NULL},
{"{\"foo\": bar\"x\"}", NULL},
{"fals", NULL},
- {"0,0", NULL},
+ {"0,0 ", NULL},
/* Testing unterminated string. */
{"\"\\x", NULL},
/* Testing invalid UTF-16 number. */
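Review bot: Replacing `{"0,0", NULL}` with `{"0,0 ", NULL}` drops coverage of the unpadded input, and nothing visible in this table hunk exercises the two closer-mismatch branches added to the reader. Keeping both entries costs one line, and constructed cases such as `{"[0}", NULL}` and `{"{\"a\": 0]", NULL}` would cover a number terminated by the wrong bracket. The table continues outside the hunk, so equivalent entries may already exist further down.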